mbed TLS v2.11.0
|
This file contains ECDSA definitions and functions. More...
Go to the source code of this file.
Macros | |
#define | MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) |
#define | MBEDTLS_DEPRECATED __attribute__((deprecated)) |
Typedefs | |
typedef mbedtls_ecp_keypair | mbedtls_ecdsa_context |
The ECDSA context structure. More... | |
Functions | |
int | mbedtls_ecdsa_sign (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
This function computes the ECDSA signature of a previously-hashed message. More... | |
int | mbedtls_ecdsa_sign_det (mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, const mbedtls_mpi *d, const unsigned char *buf, size_t blen, mbedtls_md_type_t md_alg) |
This function computes the ECDSA signature of a previously-hashed message, deterministic version. More... | |
int | mbedtls_ecdsa_verify (mbedtls_ecp_group *grp, const unsigned char *buf, size_t blen, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s) |
This function verifies the ECDSA signature of a previously-hashed message. More... | |
int | mbedtls_ecdsa_write_signature (mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
This function computes the ECDSA signature and writes it to a buffer, serialized as defined in RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS). More... | |
int | mbedtls_ecdsa_write_signature_det (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, unsigned char *sig, size_t *slen, mbedtls_md_type_t md_alg) MBEDTLS_DEPRECATED |
This function computes an ECDSA signature and writes it to a buffer, serialized as defined in RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS). More... | |
int | mbedtls_ecdsa_read_signature (mbedtls_ecdsa_context *ctx, const unsigned char *hash, size_t hlen, const unsigned char *sig, size_t slen) |
This function reads and verifies an ECDSA signature. More... | |
int | mbedtls_ecdsa_genkey (mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng) |
This function generates an ECDSA keypair on the given curve. More... | |
int | mbedtls_ecdsa_from_keypair (mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key) |
This function sets an ECDSA context from an EC key pair. More... | |
void | mbedtls_ecdsa_init (mbedtls_ecdsa_context *ctx) |
This function initializes an ECDSA context. More... | |
void | mbedtls_ecdsa_free (mbedtls_ecdsa_context *ctx) |
This function frees an ECDSA context. More... | |
This file contains ECDSA definitions and functions.
The Elliptic Curve Digital Signature Algorithm (ECDSA) is defined in Standards for Efficient Cryptography Group (SECG): SEC1 Elliptic Curve Cryptography. The use of ECDSA for TLS is defined in RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS).
Definition in file ecdsa.h.
#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) ) |
void mbedtls_ecdsa_free | ( | mbedtls_ecdsa_context * | ctx | ) |
This function frees an ECDSA context.
ctx | The ECDSA context to free. |
int mbedtls_ecdsa_from_keypair | ( | mbedtls_ecdsa_context * | ctx, |
const mbedtls_ecp_keypair * | key | ||
) |
This function sets an ECDSA context from an EC key pair.
ctx | The ECDSA context to set. |
key | The EC key to use. |
0
on success. MBEDTLS_ERR_ECP_XXX
code on failure. int mbedtls_ecdsa_genkey | ( | mbedtls_ecdsa_context * | ctx, |
mbedtls_ecp_group_id | gid, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
This function generates an ECDSA keypair on the given curve.
ctx | The ECDSA context to store the keypair in. |
gid | The elliptic curve to use. One of the various MBEDTLS_ECP_DP_XXX macros depending on configuration. |
f_rng | The RNG function. |
p_rng | The RNG context. |
0
on success. MBEDTLS_ERR_ECP_XXX
code on failure. void mbedtls_ecdsa_init | ( | mbedtls_ecdsa_context * | ctx | ) |
This function initializes an ECDSA context.
ctx | The ECDSA context to initialize. |
int mbedtls_ecdsa_read_signature | ( | mbedtls_ecdsa_context * | ctx, |
const unsigned char * | hash, | ||
size_t | hlen, | ||
const unsigned char * | sig, | ||
size_t | slen | ||
) |
This function reads and verifies an ECDSA signature.
ctx | The ECDSA context. |
hash | The message hash. |
hlen | The size of the hash. |
sig | The signature to read and verify. |
slen | The size of sig . |
0
on success. sig
, but its length is less than siglen
. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_ERR_MPI_XXX
error code on failure for any other reason. int mbedtls_ecdsa_sign | ( | mbedtls_ecp_group * | grp, |
mbedtls_mpi * | r, | ||
mbedtls_mpi * | s, | ||
const mbedtls_mpi * | d, | ||
const unsigned char * | buf, | ||
size_t | blen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
This function computes the ECDSA signature of a previously-hashed message.
grp | The ECP group. |
r | The first output integer. |
s | The second output integer. |
d | The private signing key. |
buf | The message hash. |
blen | The length of buf . |
f_rng | The RNG function. |
p_rng | The RNG context. |
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure. int mbedtls_ecdsa_sign_det | ( | mbedtls_ecp_group * | grp, |
mbedtls_mpi * | r, | ||
mbedtls_mpi * | s, | ||
const mbedtls_mpi * | d, | ||
const unsigned char * | buf, | ||
size_t | blen, | ||
mbedtls_md_type_t | md_alg | ||
) |
This function computes the ECDSA signature of a previously-hashed message, deterministic version.
For more information, see RFC-6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA).
grp | The ECP group. |
r | The first output integer. |
s | The second output integer. |
d | The private signing key. |
buf | The message hash. |
blen | The length of buf . |
md_alg | The MD algorithm used to hash the message. |
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure. int mbedtls_ecdsa_verify | ( | mbedtls_ecp_group * | grp, |
const unsigned char * | buf, | ||
size_t | blen, | ||
const mbedtls_ecp_point * | Q, | ||
const mbedtls_mpi * | r, | ||
const mbedtls_mpi * | s | ||
) |
This function verifies the ECDSA signature of a previously-hashed message.
grp | The ECP group. |
buf | The message hash. |
blen | The length of buf . |
Q | The public key to use for verification. |
r | The first integer of the signature. |
s | The second integer of the signature. |
0
on success. MBEDTLS_ERR_ECP_XXX
or MBEDTLS_MPI_XXX
error code on failure for any other reason. int mbedtls_ecdsa_write_signature | ( | mbedtls_ecdsa_context * | ctx, |
mbedtls_md_type_t | md_alg, | ||
const unsigned char * | hash, | ||
size_t | hlen, | ||
unsigned char * | sig, | ||
size_t * | slen, | ||
int(*)(void *, unsigned char *, size_t) | f_rng, | ||
void * | p_rng | ||
) |
This function computes the ECDSA signature and writes it to a buffer, serialized as defined in RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS).
sig
buffer must be at least twice as large as the size of the curve used, plus 9. For example, 73 Bytes if a 256-bit curve is used. A buffer length of MBEDTLS_ECDSA_MAX_LEN is always safe.ctx | The ECDSA context. |
md_alg | The message digest that was used to hash the message. |
hash | The message hash. |
hlen | The length of the hash. |
sig | The buffer that holds the signature. |
slen | The length of the signature written. |
f_rng | The RNG function. |
p_rng | The RNG context. |
0
on success. MBEDTLS_ERR_ECP_XXX
, MBEDTLS_ERR_MPI_XXX
or MBEDTLS_ERR_ASN1_XXX
error code on failure. int mbedtls_ecdsa_write_signature_det | ( | mbedtls_ecdsa_context * | ctx, |
const unsigned char * | hash, | ||
size_t | hlen, | ||
unsigned char * | sig, | ||
size_t * | slen, | ||
mbedtls_md_type_t | md_alg | ||
) |
This function computes an ECDSA signature and writes it to a buffer, serialized as defined in RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS).
The deterministic version is defined in RFC-6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA).
sig
buffer must be at least twice as large as the size of the curve used, plus 9. For example, 73 Bytes if a 256-bit curve is used. A buffer length of MBEDTLS_ECDSA_MAX_LEN is always safe.ctx | The ECDSA context. |
hash | The message hash. |
hlen | The length of the hash. |
sig | The buffer that holds the signature. |
slen | The length of the signature written. |
md_alg | The MD algorithm used to hash the message. |
0
on success. MBEDTLS_ERR_ECP_XXX
, MBEDTLS_ERR_MPI_XXX
or MBEDTLS_ERR_ASN1_XXX
error code on failure.